diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 42327ca6a0e4..de8be729b695 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -58,6 +58,8 @@ __FBSDID("$FreeBSD$"); #include #endif +#include + #include #define NAMEI_DIAGNOSTIC 1 @@ -145,6 +147,12 @@ namei(ndp) error = copyinstr(ndp->ni_dirp, cnp->cn_pnbuf, MAXPATHLEN, (size_t *)&ndp->ni_pathlen); + /* If we are auditing the kernel pathname, save the user pathname. */ + if (cnp->cn_flags & AUDITVNODE1) + AUDIT_ARG(upath, td, cnp->cn_pnbuf, ARG_UPATH1); + if (cnp->cn_flags & AUDITVNODE2) + AUDIT_ARG(upath, td, cnp->cn_pnbuf, ARG_UPATH2); + /* * Don't allow empty pathnames. */ @@ -460,6 +468,12 @@ dirloop: VREF(dp); } ndp->ni_vp = dp; + + if (cnp->cn_flags & AUDITVNODE1) + AUDIT_ARG(vnode, dp, ARG_VNODE1); + else if (cnp->cn_flags & AUDITVNODE2) + AUDIT_ARG(vnode, dp, ARG_VNODE2); + if (!(cnp->cn_flags & (LOCKPARENT | LOCKLEAF))) VOP_UNLOCK(dp, 0, td); /* XXX This should probably move to the top of function. */ @@ -714,6 +728,11 @@ nextname: } else if ((cnp->cn_flags & LOCKPARENT) == 0 && ndp->ni_dvp != dp) VOP_UNLOCK(ndp->ni_dvp, 0, td); + if (cnp->cn_flags & AUDITVNODE1) + AUDIT_ARG(vnode, dp, ARG_VNODE1); + else if (cnp->cn_flags & AUDITVNODE2) + AUDIT_ARG(vnode, dp, ARG_VNODE2); + if ((cnp->cn_flags & LOCKLEAF) == 0) VOP_UNLOCK(dp, 0, td); success: diff --git a/sys/sys/namei.h b/sys/sys/namei.h index 9b62a3d3cb67..69148cc1831a 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -139,7 +139,9 @@ struct nameidata { #define NOMACCHECK 0x0800000 /* do not perform MAC checks */ #define MPSAFE 0x1000000 /* namei() must acquire Giant if needed. */ #define GIANTHELD 0x2000000 /* namei() is holding giant. */ -#define PARAMASK 0x3fffe00 /* mask of parameter descriptors */ +#define AUDITVNODE1 0x4000000 /* audit the looked up vnode information */ +#define AUDITVNODE2 0x8000000 /* audit the looked up vnode information */ +#define PARAMASK 0xffffe00 /* mask of parameter descriptors */ #define NDHASGIANT(NDP) (((NDP)->ni_cnd.cn_flags & GIANTHELD) != 0)